<?php
header('Content-Type: application/json; charset=utf-8');

// 这里填写栖岛开放平台的appid
$client_id = 'test_client';
// 这里填写栖岛开放平台的密钥
$client_secret = 'test_secret';
// 这里填写栖岛开放平台的回调地址
$redirect_uri = 'https://server.tvcloud.top/test/index.php';
// 这里填写栖岛开放平台的Scheme，兼容app客户端
$app_scheme = 'test://';

ini_set('display_errors', 1);
error_reporting(E_ALL);

function json_exit($data) {
    echo json_encode($data, JSON_UNESCAPED_UNICODE | JSON_PRETTY_PRINT);
    exit;
}

// 错误处理
if (isset($_GET['error'])) {
    json_exit([
        'success' => false,
        'error' => $_GET['error'],
        'error_description' => $_GET['error_description'] ?? '未知错误',
        'state' => $_GET['state'] ?? null
    ]);
}

if (!isset($_GET['code'])) {
    json_exit([
        'success' => false,
        'error' => 'missing_code',
        'error_description' => '未收到授权码',
    ]);
}

$code = $_GET['code'];
$state = $_GET['state'] ?? '';

$token_url = 'https://api.qidao.tvcloud.top/oauth2/token';
$post_data = [
    'grant_type' => 'authorization_code',
    'client_id' => $client_id,
    'client_secret' => $client_secret,
    'code' => $code,
    'redirect_uri' => $redirect_uri
];

// 请求 access_token
$ch = curl_init($token_url);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_POST, true);
curl_setopt($ch, CURLOPT_POSTFIELDS, http_build_query($post_data));
curl_setopt($ch, CURLOPT_HTTPHEADER, ['Content-Type: application/x-www-form-urlencoded']);
$response = curl_exec($ch);
$http_code = curl_getinfo($ch, CURLINFO_HTTP_CODE);
curl_close($ch);

$token_data = json_decode($response, true);

if ($http_code !== 200 || empty($token_data['access_token'])) {
    json_exit([
        'success' => false,
        'error' => $token_data['error'] ?? 'token_error',
        'error_description' => $token_data['error_description'] ?? '令牌请求失败',
        'http_code' => $http_code,
        'raw_response' => $response
    ]);
}

$access_token = $token_data['access_token'];

// 使用 access_token 获取用户信息接口
$user_info_url = 'https://api.qidao.tvcloud.top/oauth2/userinfo/oauth?access_token=' . urlencode($access_token);

$ch = curl_init($user_info_url);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
$user_response = curl_exec($ch);
curl_close($ch);

$user_data = json_decode($user_response, true);

// 最终 JSON 输出
json_exit([
    '注意：' => "这只是后端的Demo演示方便查看，实际当中应该将refresh_token刷新令牌放到数据库中，用于后续刷新access_token访问令牌来获取用户受保护的信息",
    'APP前端请求示例：' => "qidao://authorize?client_id=栖岛申请的应用id&redirect_uri=这里填写你的scheme地址&scope=需要用户的什么权限 多个权限使用空格分开&state=随机数&response_type=code",
    
    
    'success' => true,
    'access_token' => $access_token,
    'token_type' => $token_data['token_type'] ?? 'Bearer',
    'expires_in' => $token_data['expires_in'] ?? null,
    'refresh_token' => $token_data['refresh_token'] ?? null,
    'scope' => $token_data['scope'] ?? null,
    'state' => $state,
    'user' => $user_data['data'] ?? null,
    'raw_token_response' => $token_data,
    'raw_user_response' => $user_data
]);
?>
